GitHub Dependency Health Checker 🩺

Stop guessing whether a dependency is still maintained. This actor scores the maintenance health and abandonment risk of any GitHub repository and returns a clear 0-100 health score, a verdict (Healthy, Moderate, At risk, Likely abandoned, Abandoned), and concrete risk flags — so you get a judgment, not just raw stats.

Feed it a list of repos, or paste a package.json or requirements.txt and it will check the GitHub-hosted dependencies for you.

Why this is different

Most GitHub scrapers hand you raw fields (stars, last commit) and leave the interpretation to you. This one does the interpretation: it blends activity recency, release/age signals, archived status, issue backlog, popularity, and a single-maintainer (bus-factor) check into one transparent score, and tells you why in plain language.

What it checks

• 🕒 Activity recency — how long since the last push (the strongest abandonment signal)
• 📦 Archived / disabled status — hard risk flags
• 🐛 Issue backlog pressure — open issues relative to popularity
• 👤 Bus-factor — single-maintainer projects are flagged as supply-chain risk
• 📜 Licensing — missing/unclear license is flagged
• ⭐ Adoption — popularity as a mild trust signal

Every score is broken down into its components in the output, so it's auditable — not a black box.

Use cases

• Supply-chain risk audits — score every dependency in your package.json / requirements.txt
• Dependency selection — compare candidate libraries before adopting one
• Tech due diligence — assess the health of a codebase's dependencies
• Ongoing monitoring — schedule it to re-check your dependency list and catch newly-abandoned packages

Input

Field	Description
Repositories	List of owner/name, GitHub URLs, or git URLs.
Manifest contents (optional)	Paste a package.json or requirements.txt; GitHub-hosted deps are extracted automatically.
Manifest type	Auto-detect, or force package.json / requirements.txt.
Check contributors	Toggle the bus-factor check (one extra API call per repo).
GitHub token (optional)	Recommended for more than a few repos — raises rate limits massively. A no-scope token is enough.

Output

{
  "repository": "clips/pattern",
  "found": true,
  "url": "https://github.com/clips/pattern",
  "healthScore": 68.0,
  "verdict": "Moderate",
  "riskFlags": ["No commits pushed in 717 days"],
  "daysSinceLastPush": 717,
  "stars": 8854,
  "forks": 1558,
  "openIssues": 150,
  "contributors": 20,
  "language": "Python",
  "license": "BSD-3-Clause",
  "archived": false,
  "scoreComponents": {
    "recency": 8.0, "maturity": 15.0, "backlog": 15.0,
    "popularity": 20.0, "busFactor": 10.0, "statusPenalty": 0.0, "licenseOk": true
  }
}

Export to JSON, CSV, or Excel, or pull via the Apify API. Connect to Slack, Sheets, Zapier, or Make for scheduled monitoring and alerts.

About the score

The health score is a transparent weighted blend of signals, capped 0-100, with hard penalties for archived/disabled repos. The component breakdown is included in every result so you can see exactly how a score was reached and apply your own thresholds. It is a heuristic risk indicator, not a guarantee — always combine it with your own review for critical dependencies.

Notes

• Uses the official public GitHub REST API. Independent tool, not affiliated with GitHub.
• Works without a token for small runs; add a free no-scope token for larger dependency lists.